Sablefort is built so that your team's credentials are protected on your devices, in transit, and at rest — and so that we never see the plaintext. Here's how it works.
A few principles guide every part of the product.
Your vaults are encrypted locally by the Sablefort engine before anything syncs. What leaves your machine is already ciphertext.
Your master password is used only on your device to unlock your vaults. It is never transmitted to us and never stored on our servers.
Every item is protected individually, so access is granted at the level of the vault and the item — not all-or-nothing across your whole account.
Your already-encrypted vaults travel over encrypted connections and are stored encrypted on our infrastructure. Because encryption happens on your device first, our servers only ever handle ciphertext — a "zero-knowledge" design where we can't read your secrets even if we wanted to.
Assign members to vaults with view, edit, or share permissions. Connect SSO and SCIM so access follows your directory and is removed the moment someone leaves.
Views, edits, shares, and break-glass events are recorded to a searchable, exportable log so your security team can always answer who accessed what, and when.
We hold ourselves to recognized standards and keep our practices documented.
Need our security documentation, subprocessor list, or a questionnaire completed? Talk to our team.
We welcome reports from the security community and investigate every submission.